Jump to content
Sign in to follow this  
adamef_wg

Trying to set up a monitor that returns the event log entry in its email alert

Recommended Posts

Hi,

 

New to the forum and new to being a LT admin, so sorry if this has been asked before. I did some searching before posting and couldn't find anything. I'm trying to create a monitor that alerts us to failed login attempts (which I've been able to do), but also includes the event log transcript in the email body so we can see which account is trying to be accessed. I originally tried putting %username% in the email body, but it returned either the username of whichever account may have been left logged in or said "no account" if nobody was already logged in.

 

IE: 

"Failed login attempt on domain\administrator", but then the event logged showed it was actually "administrator2" that was attempting to log in

or

"Failed login attempt on No Account" if everyone had already logged out of their sessions, but the event log would show that "administrator" or "administrator2" etc had tried to log in.

 

Rather than trying to find a LT variable that fits this I thought it'd just be easier to have it copy what was in the event log, but I can't seem to find how to do that either. Any suggestions would be great. Thanks.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

×
×
  • Create New...